Contact:

What GAO Found

Progress has been made, but additional work is needed to overcome many of the obstacles to the safe integration of unmanned aircraft systems (UAS) that GAO identified in 2008. GAO reported in 2008 that UAS could not meet the aviation safety requirements developed for manned aircraft and that this posed several obstacles to safe and routine operation in the national airspace system. These obstacles still exist and include the inability for UAS to sense and avoid other aircraft and airborne objects in a manner similar to manned aircraft; vulnerabilities in the command and control of UAS operations; the lack of technological and operational standards needed to guide safe and consistent performance of UAS; and final regulations to accelerate the safe integration of UAS into the national airspace system. The Joint Planning and Development Office of the FAA has provided UAS stakeholders with a framework to collaborate and coordinate their UAS integration efforts.

Congress set forth specific requirements and deadlines in the FAA Modernization and Reform Act of 2012 for FAA to safely accelerate UAS integration. FAA, in coordination with stakeholders, has begun making progress toward completing those requirements, but has missed one deadline and could miss others. Many of the requirements entail significant work, including completing planning efforts and issuing a final rule for small UAS. Most of the requirements are to be achieved by December 2015. While FAA has taken steps to meet them, it is uncertain when the national airspace system will be prepared to accommodate UAS given that these efforts are occurring simultaneously and without monitoring to assess the quality of progress over time toward the deadlines Congress established. Better monitoring can help FAA understand what has been achieved and what remains to be done and can also help keep Congress informed about this significant change to the aviation landscape.

Concerns about national security, privacy, and the interference in Global Positioning-System (GPS) signals have not been resolved and may influence acceptance of routine access for UAS in the national airspace system. The Department of Homeland Security's (DHS) Transportation Security Administration (TSA) has the authority to regulate security of all modes of transportation, including non-military UAS. Working with FAA and other federal agencies, TSA implements security procedures, such as airspace restrictions like those limiting operations into and out of Ronald Reagan National Airport. In 2008, GAO recommended that TSA examine the security implications of non-military UAS. According to a TSA official, it recently reviewed its UAS related advisories and determined that they are still applicable. TSA has not provided information on its efforts to mitigate security implications of UAS, and GAO believes TSA should act on this recommendation. Stakeholder privacy concerns include the potential for increased amounts of government surveillance using technologies placed on UAS, the collection and use of such data, and potential violations of constitutional Fourth Amendment protections against unreasonable search and seizures. Currently, no federal agency has specific statutory responsibility to regulate privacy matters relating to UAS for the entire federal government. Some stakeholders have suggested that DHS or the Department of Justice (DOJ) might be better positioned to address privacy issues since they generally stem from the operational uses of UAS for governmental surveillance and law enforcement purposes. Working proactively to address security and privacy concerns could help prevent further delays in UAS integration. Finally, non-military UAS GPS signals are unencrypted, risking potential interruption of the command and control of UAS.

Why GAO Did This Study

UAS do not carry a pilot on board, but instead operate on pre-programmed routes and by following commands from pilot-operated ground stations. UAS can be small, generally 55 pounds or less, or large. Current domestic uses include law enforcement, forest fire monitoring, border security, weather research, and scientific data collection. However, current uses are limited. FAA authorizes UAS operations on a case-by-case basis after conducting a safety review. FAA and the other federal agencies that have a role or interest in UAS are working to provide routine access for UAS into the national airspace system.

As requested, this report discusses (1) the status of obstacles identified in GAO's 2008 report to integrate UAS into the national airspace system, (2) FAA's progress in meeting its congressional requirements for UAS, and (3) emerging issues. GAO reviewed and analyzed documents and interviewed relevant government, academic, and private-sector entities, as well as UAS users and civil liberties organizations.

What GAO Recommends

FAA should incorporate regular monitoring of its efforts to assess progress toward fulfilling its statutory requirements. FAA, DHS, and DOJ should explore whether any actions are needed to guide the collection and use of UAS-acquired data. GAO provided a draft of this report to officials at DOT, DHS, DOJ, and three other agencies. DHS and DOJ concurred with the recommendation; DOT officials agreed to consider the recommendations.

Recommendations for Executive Action

Status: Open

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: The Secretary of Transportation should direct the FAA Administrator to incorporate, in FAA's comprehensive plan (to be completed in November 2012) and the 5-year road map for UAS integration (to be completed in February 2013), mechanisms that allow for regular monitoring to assess progress toward safe and routine access of UAS into the national airspace system.

Agency Affected: Department of Transportation

Status: Closed - Implemented

Comments: In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.

Recommendation: The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.

Agency Affected: Department of Homeland Security

Status: Closed - Implemented

Comments: In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.

Recommendation: The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.

Agency Affected: Department of Justice

Status: Closed - Implemented

Comments: In 2012, GAO reported that concerns regarding the potential security and privacy implications of unmanned aircraft systems (UAS) are growing. As the number of UAS operating in the national airspace system increases, questions about how the security of the national airspace system will be protected and how data captured by UAS will be used by governmental or commercial entities will continue to arise. No single federal agency has been statutorily designated with specific responsibility to regulate privacy matters relating to UAS for the entire federal government. Rather a number of federal agencies including DOT, DHS, and DOJ, are statutorily required to establish a privacy office and/or Chief Privacy Officers to assess their agency programs, including proposed programs, systems, technologies, or rule-makings for privacy risks. Some UAS stakeholders believe that since FAA has responsibility to regulate the national airspace system, it could be positioned to handle responsibility for incorporating rules that govern UAS use and data collection. Other stakeholders believe that DHS or DOJ might be better positioned to address UAS privacy issues since they generally stem from the operational uses of UAS for surveillance and law enforcement purposes. While is it not clear what entity should be responsible for addressing privacy concerns across the federal government, many stakeholders believe that there should be federal regulations for the types of allowable uses of UAS to specifically protect the privacy of individuals as well as rules for the conditions and types of data that UAS can collect. However, these agencies have not yet stepped forward to proactively address privacy issues. This lack of activity may result from agency officials' belief that they do not have direct authority to regulate privacy issues for UAS or the current level of UAS activity in the national airspace system. Therefore, GAO recommended that DOT, DHS and the Attorney General initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data. Since November 2012, FAA's UAS Integration Office has met with DHS's Privacy Office and DOJ's Office of the Deputy Attorney General to develop privacy-related text for the UAS Comprehensive Plan and the UAS Roadmap. Also, these offices have participated in public forums on privacy and together held informal discussions about data privacy as it relates to UAS integration into the National Air Space (NAS). On July 9, 2013, these offices agreed to suspend further meetings in favor of participating in broader government-wide discussions occurring in a newly-formed Interagency Policy Committee on UAS. As a result of these actions, FAA, DHS and DOJ are now proactively working to address security and privacy concerns related to the integration of UAS into the national airspace system.

Recommendation: The Secretaries of Transportation and Homeland Security and the Attorney General should initiate discussions, prior to the integration of UAS into the national airspace system, to explore whether any actions should be taken to guide the collection and use of UAS-acquired data.